Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/b0073d-388f-4ab9-b90e-71c7e8ac59c0/1/hyBVnrOAQRwpRDEhXcGzT3PX370.roa
File:                     hyBVnrOAQRwpRDEhXcGzT3PX370.roa (raw, json)
Hash identifier:          TgkwFh+Muhvnk6HrYjHtwtoQyivBi+fheiE6Nliu5fw=
Subject key identifier:   87:20:55:9E:B3:80:41:1C:29:44:31:21:5D:C1:B3:4F:73:D7:DF:BD
Certificate issuer:       /CN=5fadd0e945bc61101c69bce64a3d728ba1bb8661
Certificate serial:       4E7A35
Authority key identifier: 5F:AD:D0:E9:45:BC:61:10:1C:69:BC:E6:4A:3D:72:8B:A1:BB:86:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X63Q6UW8YRAcabzmSj1yi6G7hmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/b0073d-388f-4ab9-b90e-71c7e8ac59c0/1/hyBVnrOAQRwpRDEhXcGzT3PX370.roa
Signing time:             Sat 01 Jan 2022 00:58:52 +0000
ROA not before:           Sat 01 Jan 2022 00:58:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207493
IP address blocks:        94.231.193.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5143093 (0x4e7a35)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fadd0e945bc61101c69bce64a3d728ba1bb8661
        Validity
            Not Before: Jan  1 00:58:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8720559eb380411c294431215dc1b34f73d7dfbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:bb:9c:48:15:bb:8a:62:eb:e4:26:e8:d5:ff:
                    92:73:c5:1f:3f:96:9d:63:b3:b6:a4:9e:af:94:90:
                    b0:44:78:28:26:c9:c0:7c:0f:c3:f4:01:21:d8:b0:
                    5e:75:f7:09:7a:88:9d:de:fa:84:04:4b:4a:3f:b8:
                    d6:eb:43:7d:5e:c4:f1:56:05:be:e0:9c:ba:d6:c3:
                    48:98:a8:02:aa:8c:e5:8b:72:16:11:37:60:a4:a6:
                    0d:87:f8:70:39:98:dc:7f:0b:2b:81:dd:83:9d:ad:
                    89:17:1a:dc:f1:56:2a:d9:2e:a4:50:c7:f0:3d:fb:
                    e4:ce:b7:51:0b:74:f6:1b:87:fc:73:73:1e:94:f7:
                    26:f1:c7:63:11:67:eb:51:1d:a9:83:e2:a9:c8:14:
                    62:37:71:1c:30:cd:01:9a:e3:6e:5a:1c:4d:b4:54:
                    5b:f9:bb:d4:59:a4:87:3c:93:ac:0c:ac:1f:c0:e3:
                    3e:a2:b4:af:83:1c:78:20:f9:62:7c:2c:55:08:c2:
                    50:f0:76:4b:d6:e2:be:79:45:45:25:d5:2b:df:85:
                    f4:ea:10:9f:b3:cf:2b:6e:0e:99:a2:de:8c:ae:4e:
                    ca:61:1f:79:82:d9:bf:92:63:23:3e:bb:e2:1f:44:
                    67:56:15:06:df:22:18:95:e5:57:9b:e9:fa:c4:99:
                    e2:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:20:55:9E:B3:80:41:1C:29:44:31:21:5D:C1:B3:4F:73:D7:DF:BD
            X509v3 Authority Key Identifier:
                keyid:5F:AD:D0:E9:45:BC:61:10:1C:69:BC:E6:4A:3D:72:8B:A1:BB:86:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X63Q6UW8YRAcabzmSj1yi6G7hmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/b0073d-388f-4ab9-b90e-71c7e8ac59c0/1/hyBVnrOAQRwpRDEhXcGzT3PX370.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/b0073d-388f-4ab9-b90e-71c7e8ac59c0/1/X63Q6UW8YRAcabzmSj1yi6G7hmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.231.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:7b:38:c9:68:c8:92:09:fd:0d:37:c6:b9:14:a4:52:1d:6c:
         dd:7a:08:53:99:61:34:3d:15:de:c4:a8:68:c0:4b:85:5d:37:
         75:c0:cd:07:fc:b0:0b:16:c9:c4:b3:cd:1e:44:27:72:17:47:
         76:14:28:5c:82:17:a0:21:b7:28:c7:77:ca:72:ae:48:6a:e3:
         0a:f5:e0:a7:0f:81:cc:8d:f2:b8:0e:4f:7d:ee:e5:64:ba:e7:
         d1:6f:7c:3c:7c:b4:23:ed:91:1e:20:00:da:1d:47:67:a0:dd:
         7d:53:dd:5f:be:0c:19:e5:6a:46:d3:84:dc:e2:57:d0:43:9e:
         e5:e0:a6:2a:e0:af:36:52:e5:75:f4:23:f4:5c:61:c7:75:ae:
         de:14:37:63:b7:6a:38:b6:40:c6:f2:2d:97:ba:12:88:94:2b:
         65:38:92:49:5f:5f:3e:f3:34:7a:e5:a5:2e:c8:3f:62:e1:03:
         3d:34:ee:c2:c1:22:38:6f:f8:7d:a4:87:ae:e0:09:13:60:97:
         50:85:a6:07:fb:96:d9:63:4e:44:90:7b:6e:a2:0b:63:28:9d:
         19:6b:8a:4d:27:2c:af:a5:23:13:02:03:ac:f5:77:e0:3b:bb:
         ea:2a:f9:27:e4:6f:be:12:7f:ab:9e:b2:c3:75:b4:35:ac:cb:
         25:50:63:35
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDTno1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVm
YWRkMGU5NDViYzYxMTAxYzY5YmNlNjRhM2Q3MjhiYTFiYjg2NjEwHhcNMjIwMTAx
MDA1ODUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4NzIwNTU5ZWIzODA0
MTFjMjk0NDMxMjE1ZGMxYjM0ZjczZDdkZmJkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA27ucSBW7imLr5Cbo1f+Sc8UfP5adY7O2pJ6vlJCwRHgoJsnA
fA/D9AEh2LBedfcJeoid3vqEBEtKP7jW60N9XsTxVgW+4Jy61sNImKgCqozli3IW
ETdgpKYNh/hwOZjcfwsrgd2Dna2JFxrc8VYq2S6kUMfwPfvkzrdRC3T2G4f8c3Me
lPcm8cdjEWfrUR2pg+KpyBRiN3EcMM0BmuNuWhxNtFRb+bvUWaSHPJOsDKwfwOM+
orSvgxx4IPlifCxVCMJQ8HZL1uK+eUVFJdUr34X06hCfs88rbg6Zot6Mrk7KYR95
gtm/kmMjPrviH0RnVhUG3yIYleVXm+n6xJniOQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIcgVZ6zgEEcKUQxIV3Bs09z19+9MB8GA1UdIwQYMBaAFF+t0OlFvGEQHGm8
5ko9couhu4ZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WDYzUTZVVzhZUkFjYWJ6bVNqMXlpNkc3aG1FLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jOC9iMDA3M2QtMzg4Zi00YWI5LWI5MGUtNzFjN2U4YWM1OWMwLzEv
aHlCVm5yT0FRUndwUkRFaFhjR3pUM1BYMzcwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9i
MDA3M2QtMzg4Zi00YWI5LWI5MGUtNzFjN2U4YWM1OWMwLzEvWDYzUTZVVzhZUkFj
YWJ6bVNqMXlpNkc3aG1FLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXufBMA0GCSqGSIb3DQEBCwUAA4IB
AQAiezjJaMiSCf0NN8a5FKRSHWzdeghTmWE0PRXexKhowEuFXTd1wM0H/LALFsnE
s80eRCdyF0d2FChcghegIbcox3fKcq5IauMK9eCnD4HMjfK4Dk997uVkuufRb3w8
fLQj7ZEeIADaHUdnoN19U91fvgwZ5WpG04Tc4lfQQ57l4KYq4K82UuV19CP0XGHH
da7eFDdjt2o4tkDG8i2XuhKIlCtlOJJJX18+8zR65aUuyD9i4QM9NO7CwSI4b/h9
pIeu4AkTYJdQhaYH+5bZY05EkHtuogtjKJ0Za4pNJyyvpSMTAgOs9XfgO7vqKvkn
5G++En+rnrLDdbQ1rMslUGM1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org